If you follow the "Surfing Web & e-shopping" page under "Be A Smart Internet User", the Government bookstore doesn't work properly (at least it didn't for said webmaster last year.) Test it out while using IE for bookings/shopping via ESDLife services:

http://www.infosec.gov.hk/engtext/general/protect/surfing.htm

And the bookshop: http://bookstore.esdlife.com

From the infosec.gov.hk page: 'Don't turn on active content enabling options (e.g. Active X, Java, JavaScript, cookie) in the email application/browser in order to prevent from malicious code attack, except communicating with a trusted source.'

Are users expected to keep changing security settings in Internet Explorer as they go from one site to another?